Newsroom (Archive)

A hand-picked curation of industry news and information, to keep you well informed on all things cybersecurity

LastPass Breach Resulted from Failure to Update Plex Software

A recent breach at LastPass, a popular password management service, has been attributed to the failure of one of its engineers to update Plex software on their home computer. This serves as a reminder of the importance of keeping software up-to-date to avoid potential security risks. The breach occurred when unidentified actors leveraged information stolen from a previous...


A new information stealer called SYS01stealer has been discovered by cybersecurity researchers, targeting critical government infrastructure employees, manufacturing companies, and other sectors. The attack is designed to steal sensitive information, including login data, cookies, and Facebook ad and business account information. The Israeli cybersecurity company Morphisec reported that the campaign was initially tied to a financially motivated cybercriminal operation dubbed Ducktail by Zscaler. However, WithSecure, which...


On March 4, 2023, Wing Security, a SaaS Security Posture Management (SSPM) company, made waves with the launch of its free SaaS-Shadow IT discovery solution. The self-service product operates on a "freemium" model and offers cloud-based companies insight into their employees' SaaS usage. Within the first few weeks of launching, over 200 companies enrolled in the free discovery tool. Wing recently released a short report on...


Six Law Firms Targeted in GootLoader and SocGholish Malware Campaigns

Mar 01, 2023 - In January and February 2023, six different law firms were targeted in two separate threat campaigns distributing GootLoader and FakeUpdates (aka SocGholish) malware strains. GootLoader is a first-stage downloader that is capable of delivering a wide range of secondary payloads such as Cobalt Strike and ransomware. It employs search engine optimization (SEO)...


Cisco has released software fixes for multiple versions of firmware running on some of its IP phones, the company announced in an advisory. The advisory covers two vulnerabilities that affect six products, including the 6800 series, 7800 series, and 8800 series phones running the company’s multiplatform firmware. The first vulnerability, CVE-2023-20078 (CVSS score 9.8), allows an unauthenticated remote attacker to send a crafted request to the...


Today marks a significant milestone in the cyber threat landscape, as the first publicly known malware capable of bypassing Secure Boot defenses has been discovered. Dubbed BlackLotus, the stealthy Unified Extensible Firmware Interface (UEFI) bootkit is being offered for sale at $5,000 and is programmed in Assembly and C. According to ESET, a Slovak cybersecurity company, BlackLotus is capable of running on fully up-to-date Windows 11...
